BUILDING SECURE SYSTEMS

New approaches to hardware-embedded roots of trust, authentication and encryption have emerged for FPGAs with programmable logic components in the form of PUFs (Physical Unclonable Functions). The Enthentica HELP PUF (a strong PUF) uses the natural variations of the chip as a source of randomness (entropy) to generate a virtually unlimited number of unique bitstrings or keys. These serve as the mechanism that enables challenge/response authentication and encryption, making it impossible to “learn” and steal the keys.

In today’s world of distributed computing and the Internet of Things, it is often difficult to be certain that each party throughout the system is the “trusted” device that you believe it to be. Identifiers (keys) used for authentication and encryption can be hacked and stolen, imposters can insert themselves into the network, malware can be injected, and back doors can be engineered. This problem becomes even more acute as more devices are connected to the network or cloud, and as those devices are remote and not easily inspected for software and hardware hacking.

TRUSTED ENVIRONMENTS

Security and trust have become critically important for a wide range of existing and emerging micro-electronic systems, including those embedded in aerospace and defense, industrial ICS and SCADA environments, automotive and autonomous vehicles, data centers, communications and medical healthcare devices. The vulnerability of these systems is increasing with the proliferation of internet-enabled, machine-to-machine connectivity and unsupervised in-field deployment. Authentication and encryption are heavily used to ensure data integrity and privacy of communications between sensors and other communicating devices.

These protocols require keys and bitstrings (secrets) to be stored as a “burned-in” key in non-volatile memory (NVM), which represents a vulnerability, particularly in fielded systems where adversaries can access the hardware and carry out probing and other invasive attacks uninhibited. PUFs, on the other hand, provide an alternative to NVM key storage and generate unique and untrackable authentication information.

SECURING THE SUPPLY CHAIN

We find it essential to have ultra-strong roots of trust and authentication methods that, much like DNA or a fingerprint, are impossible to clone, to assure real certainty of authenticity and trust. Securing the supply chain and anti-counterfeiting measures have become paramount in security. The PUF can be installed at the first stage of chip fabrication to ensure the integrity and security of trust and authentication throughout the manufacturing process, to final installation and fielded use.

You’ve exercised diligent control over the design of your FPGA and SoC chips, but have you been sufficiently diligent in maintaining their verifiable identity through the physical movement of your chips along your supply chain? Numerous incidents of chip substitutions have been reported in the industry, some with devastating impact.